% !TEX root = main.tex

\section{Introduction}
\label{sec:introduction}

Information security is a significant issue in computer science and it keeps attracting researchers and engineers' interest since decades \cite{ms:sec-dev-lifecycle}.
\emph{Model-Driven Security} (\mds) emerged in the last decade as a specialized Model-Driven Engineering (\mde) approach applied to security domain.
Several goals are expected. 
First, \mds adopts the well-accepted design principle, Separation of Concerns (\soc) \cite{springerlink:10.1007/978-3-642-16086-8-8}, 
that enables delegation of each concern to dedicated specialists instead of mixing them within the same development process (\emph{modularity}).
Second, separating security concerns also improves \emph{reusability} among various business scenarios. 
Third, as an inherited characteristic from \mde, modeling security concerns at a higher level abstraction than the final target platform and making them at some level independent from
business functionalities enables platform independence (\emph{portability}), as well as cross-platform \emph{interoperability}. 
Security experts can therefore focus on security-related issues, preventing from solving technical problems for specific system infrastructure.

In this exploratory paper, we first investigate several \mds definitions and propose a \emph{Y-Model} as a generic schema, based on the common features digested from these definitions, 
to evaluate various \mds methodologies in the literature. 
Then we analyze the capabilities and inadequacies of these \mds methodologies according to the proposed Y-Model. 
A comparison table following the analysis summarizes the performance of these \mds methodologies comparing with the general goals of \mds. 
Furthermore, we reason about the evolution process of \mds in the last decade based on the features of the evaluated \mds methodologies. 
To manage the increasing need for modeling diverse security aspects, we then propose an enriched Y-Model in a way that
leverages on ontology mapping based on the trend we extrapolated for our analysis of \mds evolution. 
The enhanced Y-Model presents a possible future evolution direction of \mds which is able to deal with \emph{heterogeneity} in
modeling and analyzing different security concerns. 

The remaining part of this exploratory paper is structured as follows: 
\sect \ref{sec:mds} explores various \mds definitions and proposes a \emph{Y-Model} as a generic evaluation schema 
incorporating common characteristics extracted from those definitions; 
\sect \ref{sec:evaluation} evaluates various existing \mds methodologies in the literature according to the Y-Model and discusses 
the modeling and security analysis capabilities and drawbacks of these methodologies; 
\sect \ref{sec:heterogeneity} discusses the evolution trend of \mds and proposes an initial conceptual model for future \mds with heterogeneity; 
\sect \ref{sec:conclusion} closes with some concluding remarks.
